How HashEx is developing new auditing methods to outsmart hackers, as told by founder Dmitry Mishunin

Published at: Feb. 10, 2022

As the cryptocurrency market has grown, so too have the number of bad actors looking to exploit vulnerable decentralized finance, or DeFi, protocols, and projects for their own gain. Earlier this month, the Ethereum-Solana Wormhole token bridge suffered the biggest hack of 2022, with $321 million lost due to a signature verification vulnerability. Such exploits have gotten increasingly sophisticated over the years.

But blockchain security firms like HashEx are keeping up the pace just as hackers upgrade their tactics. During the past few years, HashEx has audited more than 700 DeFi smart contracts that secure over $2 billion worth of investors' funds. One notable project that utilizes HashEx is Trader Joe, a popular decentralized exchange on the Avalanche (AVAX) blockchain. In an exclusive interview with Cointelegraph, Dmitry Mishunin, CEO and founder of HashEx, explains just how the firm is upgrading its auditing process to protect crypto enthusiasts against possible breaches.

The old-fashioned auditing method consists of a manual check and an automatic test of the underlying code. As Dmitry told Cointelegraph:

"Traditionally, a group of auditors manually tests the logic of contracts; they're trying to imagine some inputs values which can break their logic. It's like an Olympic Games for programmers. But this is only good when your auditor is experienced enough."

Sometimes, Dmitry continues, "problems cannot be conjured then tested, as they are do not arise mistakes in the logical flow of code, but from minor errors such as in the Ethereum Virtual Machine, which happens quite often." To overcome this fault, HashEx has derived a new "stochastic (random) testing" method. Using AI, its software generates 1,000 to 100,000 randomized transactions with different trends and parameters to stress-test the smart contract. 

"With random transactions, it looks like a simulation of a person with a crazy idea [commonly descriptive of hackers] creating something to break the contract."

When asked about whether or not there have been any breaches in smart contracts audited by HashEx, Dmitry was very humble in his response. In 2020, none of the firm's audited projects experienced any hacks. But in 2021, two minor incidents occurred out of hundreds of projects that went on to be secure. One project on the Avalanche network had a critical issue in the audited contract and lost about $100k. Meanwhile, Dmitry explained that the other incident wasn't a hack per se, as the contract had a bug that prevented the withdrawals of fees. "It's the real world; sometimes we miss it," says Dmitry.

Tags
Related Posts
Unitize Conference Covers Ground, Mulls Blockchain Adoption and DeFi
Retail and enterprise blockchain adoption trends dominated the discussions on days three and four of the ongoing virtual conference Unitize, organized by BlockShow and San Francisco Blockchain Week and sponsored by crypto derivatives exchange ByBit. The key topic that dominated discussion was blockchain adoption, which continues to spread across the globe, with governments and corporate establishments developing solutions based on distributed ledger technology. Exploring the blockchain development landscape Speaking during one of Wednesday’s panels at the conference. Yi Ming Ng, a member of the Tribe Accelerator project in Singapore, and Marloes Pomp, a blockchain consultant with the Dutch government, shed …
Technology / July 10, 2020
Neo users explain why they've held on to the project despite China's heavy crypto crackdown
It's been a wild ride for Neo (dubbed "Ethereum of China") investors in the past few years, especially as China began to incrementally introduce harsher crypto regulations. But despite the odds, the community appears to be resilient, with a dedicated society of developers worldwide and a bourgeoning decentralized finance, or DeFi, hub that came into prominence via the launch of Neo N3 mainnet last year. As told by Neo investors Lucas and Jiří, who spoke to Cointelegraph, they were not expecting such a "huge drop in price" for Neo. Still, they nevertheless decided to hold their Neo tokens through all …
Decentralization / Feb. 28, 2022
Binance recovers $5.8M in funds connected to Ronin bridge exploit
Via a Twitter post on Friday, Changpeng Zhao, CEO of Binance, said that the cryptocurrency exchange recovered $5.8 million spread over 86 accounts in digital assets moved to the exchange by Lazarus Group. Last month, the North Korean cyber-criminal group allegedly stole 173,600 Ether (ETH) and 25.5 million USD Coin (USDC), worth over $600 million at the time, belonging to Axie Infinity's Ronin bridge. As of Friday, the wallet address associated with the Ronin has around $280 million in digital assets remaining. Blockchain forensics company Elliptic recently uncovered that the hackers have been sending the money to centralized exchanges and …
Technology / April 22, 2022
What are the most bullish cryptocurrencies to buy right now? | Find out now on The Market Report
The Market Report with Cointelegraph is live right now. On this week’s show, Cointelegraph’s resident experts discuss what they believe are the top three most bullish coins one should take a closer look at. But first, market expert Marcel Pechman carefully examines the Bitcoin (BTC) and Ether (ETH) markets. Are the current market conditions bullish or bearish? What is the outlook for the next few months? Pechman is here to break it down. Next up: the main event. Join Cointelegraph analysts Benton Yaun, Jordan Finneseth and Sam Bourgi as each makes his case for the most bullish cryptocurrency right now. …
Decentralization / May 3, 2022
Top 7 blockchain courses and certifications for beginners
Blockchain courses and certifications can play an important role in helping individuals gain a comprehensive understanding of blockchain technology and its applications. By completing these courses, individuals can develop technical skills, stay current with industry developments, enhance their career opportunities and increase their earning potential. Here are seven blockchain courses and certifications for beginners. INE’s Blockchain Security INE’s Blockchain Security course is an online course offered by Internetwork Expert (INE) that provides a comprehensive overview of the security aspects of blockchain technology. The course covers various topics such as consensus algorithms, cryptography, network security, smart contract security, and blockchain attacks …
Decentralization / Feb. 2, 2023